A Lawyer's Guide to Ephemeral Messaging
-min.avif)
Rebecca Cronin is Director of Technical Solutions at Legility, with more than a decade of experience in the fields of eDiscovery and legal technology. She advises clients on the development and implementation of strategies employing technology in litigation, investigation, regulatory and compliance. She holds a masters degree in information security and computer forensics from the University of East London, and an honors degree in computer engineering from the University of Limerick. She is a Relativity Master.
Ephemeral messaging has become a fixture of an increasing number of workplaces. To address this reality, the Sedona Conference has released new guidance on navigating this thorny legal terrain.
Over the past ten years, ephemeral messaging – digital communication platforms that automatically delete messages after a set amount of time – has become a fixture of an increasing number of workplaces.
The convenience and efficiency of applications like Google Chat, Signal, Wickr, and Telegram have gained in popularity with more remote work amid the COVID-19 pandemic. And, to a lesser extent, Slack – which while not often used, offers an ephemeral messaging option.
Addressing this reality, the Sedona Conference earlier this year released new guidance for lawyers and eDiscovery practitioners on navigating the thorny legal terrain of ephemeral messaging.
Ephemeral messaging can pose significant risks to a legal defense during litigation or investigations.
Risks and benefits of ephemeral messaging for legal teams
Ephemeral messaging holds many advantages for companies, as the new guidance acknowledges. Automated deletion helps cut down on the data companies keep and the cost of storing it. Minimizing stored data, in turn, helps companies to limit their exposure to data breaches as well as comply with privacy laws such as the European Union’s General Data Protection Regulation (GDPR).
However, when a company faces investigation or litigation, ephemeral messaging poses some significant risks to a legal defense.
Evidence preservation and ephemeral messaging
In the face of an investigation or lawsuit, companies are required to preserve certain data that could be used as evidence. If that information is deleted without a justifiable reason, the courts could sanction the company for failing to produce the data in a discovery process.
Furthermore, if a company has no policy on managing ephemeral messaging, its lawyers may have a hard time explaining why certain content was deleted.
So, what can lawyers do to protect their clients who use ephemeral messaging?
Ephemeral messaging litigation checklist
Lawyers need to be aware of the widespread use of ephemeral messaging and keep it on their checklist of items for their clients to address at the start of litigation or an investigation.
Step 1: Halt automated deletion
Most automated deletion applications are configurable. For instance, the user could adjust settings so that a message is deleted as soon as it is read, 10 minutes later, or the next day.
In most cases, a company’s IT department sets the configurations and therefore, can change them.
As soon as a case, complaint, or investigation is filed, the client’s IT department, under the guidance of a lawyer or eDiscovery professional, needs to shut off any kind of automated deletion as soon as possible.
Keep in mind that when you tell IT to stop the automatic deletion of email, for instance, they may not understand the legal implications or tell you about other platforms with automatic deletion because they don’t realize it’s legal significance. That’s why a lawyer needs to ask the right questions – for example: are there any other platforms where messages are automatically deleted?
With new Sedona Conference guidelines on ephemeral messaging during litigation or investigation, now is the time to develop discovery protocols.
Step 2: Create a data deletion policy
Creating a policy for when and how information is deleted is the first line of defense in the event of litigation.
Many companies have data retention policies but forget to address data deletion.
If you don’t have a policy saying when you will delete things and who will delete them, then, you probably won’t do it and will end up storing lots of content that you don’t need. Therefore, what isn’t deleted becomes disclosable simply because you have it.
However, with a consistent data deletion policy, it is easier to explain to the courts why certain data was deleted before the start of a legal dispute. And you have your policy that you had been following for years there to back you up.
Consult eDiscovery experts in ephemeral messaging
Turn to your eDiscovery vendor when you encounter a case involving ephemeral messaging. A qualified eDiscovery vendor can help you understand the systems your client has in place and where information is stored, effectively stop automated deletion after litigation starts, and map out where to look for things that will be discoverable in the case.
Conclusion
Ephemeral messaging has become part of routine communication in the workplace. Now is the time to develop or update data deletion protocols to make effective communication work for you rather than against you in a discovery dispute.
Ephemeral messaging has become a fixture of an increasing number of workplaces. To address this reality, the Sedona Conference has released new guidance on navigating this thorny legal terrain.
Over the past ten years, ephemeral messaging – digital communication platforms that automatically delete messages after a set amount of time – has become a fixture of an increasing number of workplaces.
The convenience and efficiency of applications like Google Chat, Signal, Wickr, and Telegram have gained in popularity with more remote work amid the COVID-19 pandemic. And, to a lesser extent, Slack – which while not often used, offers an ephemeral messaging option.
Addressing this reality, the Sedona Conference earlier this year released new guidance for lawyers and eDiscovery practitioners on navigating the thorny legal terrain of ephemeral messaging.
Ephemeral messaging can pose significant risks to a legal defense during litigation or investigations.
Risks and benefits of ephemeral messaging for legal teams
Ephemeral messaging holds many advantages for companies, as the new guidance acknowledges. Automated deletion helps cut down on the data companies keep and the cost of storing it. Minimizing stored data, in turn, helps companies to limit their exposure to data breaches as well as comply with privacy laws such as the European Union’s General Data Protection Regulation (GDPR).
However, when a company faces investigation or litigation, ephemeral messaging poses some significant risks to a legal defense.
Evidence preservation and ephemeral messaging
In the face of an investigation or lawsuit, companies are required to preserve certain data that could be used as evidence. If that information is deleted without a justifiable reason, the courts could sanction the company for failing to produce the data in a discovery process.
Furthermore, if a company has no policy on managing ephemeral messaging, its lawyers may have a hard time explaining why certain content was deleted.
So, what can lawyers do to protect their clients who use ephemeral messaging?
Ephemeral messaging litigation checklist
Lawyers need to be aware of the widespread use of ephemeral messaging and keep it on their checklist of items for their clients to address at the start of litigation or an investigation.
Step 1: Halt automated deletion
Most automated deletion applications are configurable. For instance, the user could adjust settings so that a message is deleted as soon as it is read, 10 minutes later, or the next day.
In most cases, a company’s IT department sets the configurations and therefore, can change them.
As soon as a case, complaint, or investigation is filed, the client’s IT department, under the guidance of a lawyer or eDiscovery professional, needs to shut off any kind of automated deletion as soon as possible.
Keep in mind that when you tell IT to stop the automatic deletion of email, for instance, they may not understand the legal implications or tell you about other platforms with automatic deletion because they don’t realize it’s legal significance. That’s why a lawyer needs to ask the right questions – for example: are there any other platforms where messages are automatically deleted?
With new Sedona Conference guidelines on ephemeral messaging during litigation or investigation, now is the time to develop discovery protocols.
Step 2: Create a data deletion policy
Creating a policy for when and how information is deleted is the first line of defense in the event of litigation.
Many companies have data retention policies but forget to address data deletion.
If you don’t have a policy saying when you will delete things and who will delete them, then, you probably won’t do it and will end up storing lots of content that you don’t need. Therefore, what isn’t deleted becomes disclosable simply because you have it.
However, with a consistent data deletion policy, it is easier to explain to the courts why certain data was deleted before the start of a legal dispute. And you have your policy that you had been following for years there to back you up.
Consult eDiscovery experts in ephemeral messaging
Turn to your eDiscovery vendor when you encounter a case involving ephemeral messaging. A qualified eDiscovery vendor can help you understand the systems your client has in place and where information is stored, effectively stop automated deletion after litigation starts, and map out where to look for things that will be discoverable in the case.
Conclusion
Ephemeral messaging has become part of routine communication in the workplace. Now is the time to develop or update data deletion protocols to make effective communication work for you rather than against you in a discovery dispute.
